AKIBIA'S PRACTICAL GUIDE TO ENTERPRISE TECHNOLOGY
Wednesday, January 13, 2010
Your Workers are Surfing While Snacking on a Big Mac - Time to Revisit Managing Your End-Point.
The availability of wireless networks has proliferated in our society to the point where even at your neighborhood McDonalds you can get online. By the end of this week 11,500 of the 14,000 McDonald’s restaurants in the United States will offer free Wi-Fi to customers. This readily available access can lead to increased employee productivity for your organization—team members will be collaborating even while munching on a McNugget.
27 million people eat at one of McDonald’s 30,000 restaurants per day so chances are high someone on your team will connect in from McDonald’s often. With this increased Wi-Fi availability, comes greater requirements for organizations to secure and protect the end-point. With budgets tight and perhaps a reduced IT staff over the last couple of years, IT organizations may not have remained focused on securing their organization’s laptops. Instead, scarce budget and resources may have gone to other projects. This announcement from McDonalds is a great reminder that you need to focus on better securing and managing your organization’s end-point devices.
Some basic, but often overlooked, security measures that should be in place include:
- Regular and automated patching of client systems for vulnerabilities;
- Personal firewalls installed and regularly updated on all laptops;
- Anti-virus/malware client installed and regularly updated on all devices;
- Data encryption;
- Screen guards for laptops to prevent others from looking at screen content;
- Elimination of sensitive data on laptops;
- Education for all laptop users on the basics of Wi-Fi security.
Companies must have systems and policies in place to effectively and securely manage all laptops and end-point devices. This is best done with a central management console and automated reporting that is done regularly on all of these devices to ensure that they remain in compliance with your organization’s standards.
There are many solutions readily available that will likely fit seamlessly into your existing security strategy. The main challenge to adoption that I have seen is available time, funding and prioritization in effectively addressing this issue. In recent months I have noticed organizations moving to encrypt their data with the impending implementation of MA 201 CMR 17 (MA Data Privacy law) but many companies still lack a cohesive end-point strategy.
Also worth noting is that IT organizations should have a policy and process to address sensitive data management -- tracking where those files reside and who is accessing them. But that will be a topic for another day. For now, I will enjoy my McChicken sandwich while I securely complete my timesheet…..
